5.8.2 User Awareness
Ghosts of millions of former workers populate the databases of corporate America. The workers have moved on, but their ghosts linger, awaiting the hacker intent on using the ghosts identity to damage the companys network systems. Says Brian Hook in his Tech Republic article462.
The outdated access account can either be used by a black hat or by an employee whose layoff was handled with less than excellence. From a user awareness viewpoint:
Create and enforce non-disclosure policies. Non-disclosure is not the same as non-compete clauses. The former employee has a right to work, making non-compete clauses impractical. It is reasonable to expect them to not take with them sensitive supplier or customer data.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.